ATTORNEY DOCKET NO. 
5022.18-1 



7 



PATENT APPLICATION 



WHAT IS CLAIMED IS : 

1 . A system of route target filtering, comprising: 

an import filter receiving a plurality of routes, the plurality of routes having a 
next hop routing information, the import filter accepting a first subset of the routes 
according to an import target policy; and 

a re-export filter receiving the plurality of routes, modifying the next hop 
information of a second subset of the routes, and distributing the modified routes. 

2. The system, as set forth in claim 1, wherein the re-export filter 
modifies the next hop information to be the address of a router serving as a firewall of 
a network. 

3. The system, as set forth in claim 1, wherein the re-export filter 
modifies the next hop information to be the address of a firewall of a virtual private 
network. 

4. The system, as set forth in claim 1, wherein the re-export filter 
comprises a mask, a value for comparison with the route, and an action to take in 
response to a match between the route and the comparison value. 

5. The system, as set forth in claim 1, wherein the plurality of routes each 
comprises a route distinguisher, a route target, and the next hop information. 
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6. A network, comprising: 
a hub node; 

a plurality of spoke nodes in communications with one another via the hub 
node; and 

the hub node including: 

an import filter receiving a plurality of routes, the plurality of routes 
having a next hop routing information, the import filter accepting a first subset 
of the routes according to an import target policy; and 

a re-export filter receiving the plurality of routes, modifying the next 
hop information of a second subset of the routes, and distributing the modified 
routes. 

7. The network, as set forth in claim 6, wherein the re-export filter 
modifies the next hop information to be the address of the hub node. 

8. The network, as set forth in claim 6, wherein the re-export filter 
modifies the next hop information to be the address of the hub node serving as a 
firewall for the network. 

9. The network, as set forth in claim 6, wherein the re-export filter 
modifies the next hop information to be the address of the hub serving as a firewall of 
a virtual private network. 

10. The network, as set forth in claim 6, wherein the re-export filter 
comprises a mask, a value for comparison with the route, and an action to take in 
response to a match between the route and the comparison value. 

11. The network, as set forth in claim 6, wherein the plurality of routes 
each comprises a route distinguisher, a route target, and the next hop information. 

12. The network, as set forth in claim 6, wherein the hub node is a 
customer edge device coupling a site to a provider network. 
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13. A method, comprising: 

receiving a plurality of routes each having a next hop routing information; 
accepting a first subset of the plurality of routes according to a predetermined 

policy; 

5 modifying the next hop information of a second subset of the plurality of 

routes' and 

distributing the modified routes. 

14. The method, as set forth in claim 13, wherein modifying the next hop 
10 information comprises modifying the next hop information to be the address of a 

router serving as a firewall of a network. 

15. The method, as set forth in claim 13, wherein modifying the next hop 
information comprises modifying the next hop information to be the address of a 

1 5 firewall of a virtual private network. 

16. The method, as set forth in claim 13, wherein the re-export filter 
comprises a mask, a value for comparison with the route, and an action to take in 
response to a match between the route and the comparison value. 

20 

17. The method, as set forth in claim 13, wherein receiving the plurality of 
routes comprises receiving a route distinguisher, a route target, and the next hop 
information. 



